Routing to VPN access server issue on ISA 2004
- From: "A.J. Boudewijn" <isa@xxxxxxxxxxxx>
- To: isalist@xxxxxxxxxxxxx
- Date: Mon, 20 Sep 2004 04:40:15 -0600
Hi,
We are just testing with ISA 2004 server and have an issue with routing.
Working Situation:
A)Windows 2000 + ISA 2000 server. Routing and Remote Access enabled. RIP.
B)Windows 2003 Remote Access Server. RIP. VPN dialer to 192.168.100.0
network.
Client workstations use the ISA as default gateway. When they want to go
to the 192.168.100.0 network they are routed by the ISA to the Windows
2003 Remote Access Server. They are able to ping to Internet and the
192.168.100.0 network.
New situation:
A)Windows 2003 + ISA 2004 server. Routing and Remote Access enabled. RIP.
B)Windows 2003 Remote Access Server. RIP. VPN dialer to 192.168.100.0
network.
Client workstations use the ISA 2004 as default gateway. When they want to
go to the 192.168.100.0 network they are not routed by the ISA 2004 to the
Windows 2003 Remote Access Server. They are able to ping to Internet, but
no able to ping the 192.168.100.0 network. We can also ping the Windows
2003 Remote Access Server.
The Routing table on ISA 2004 shows the route to 192.168.100.0 Its
receiving the route from the Windows 2003 (B)
We created an access rule for PING to all remote, local host and internal
network.
We still have an action denied in the logging of the ISA 2004 server when
pinging from a client workstation to the 192.168.100.0 network. The name
of the rule is empty , so I guess this is an impliciet/system rule that
cause that we are not able to ping / reach the 192.168.100.0 network.
What can cause this ? Any idea?
Thanks,
Albert Jan Boudewijn
Other related posts:
